CVE-2019-5462

High

A privilege escalation issue was discovered in GitLab CE/EE 9.0 and later when trigger tokens are not rotated once ownership of them has…

hackerone·CWE-613·Published 2020-01-28

CVSS

8.8

EPSS

0.03

KEV

Exploits

cve.orgen

145 chars

A privilege escalation issue was discovered in GitLab CE/EE 9.0 and later when trigger tokens are not rotated once ownership of them has changed.

NVDen

145 chars

A privilege escalation issue was discovered in GitLab CE/EE 9.0 and later when trigger tokens are not rotated once ownership of them has changed.

Se detectó un problema de escalada de privilegios en GitLab CE/EE versiones 9.0 y posteriores, cuando los tokens de activación no son rotados una vez que la propiedad de ellos ha cambiado.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H